[cryptography] PKI - and the threat model is ...?
ben at links.org
Tue Sep 13 07:40:14 EDT 2011
On Tue, Sep 13, 2011 at 12:36 PM, <dan at geer.org> wrote:
> | let's take just one of the above as an example: high-value monetary
> | transactions - the only item in the list that I am somewhat familiar
> | with.
> | I can not think of a single scenario where the two parties that do
> | that, prefer a trust chain that includes a third party for introduction
> | and identity vouching instead of the out-of-channel shared secret
> | or key fingerprint exchange. However, secure mass retail system is
> | pretty well impossible without such trusted third party.
> The higher the value of the transaction, the less likely it is done
> between parties that do not already know each other.
> The market opportunity is in protecting 1,000,000 x $10 transactions,
> not protecting 10 x $1,000,000 transactions.
> Complicating Factor:
> The fully automated opponent sees those two multiplications as equal.
? Presumably the point of this observation is that the two kinds of
transaction should use different protection (or at least, key
distribution) mechanisms and so the opponent should not see them as
More information about the cryptography